The Federal Bureau of Investigation issued a public service announcement on Monday recommending that owners of ‘small office and home office routers’ reset their routers as a result of foreign hacking.
The PSA was posted on the FBI’s official website, the ‘Internet Crime Complaint Centre’. It stated: ‘Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide.’
VPNFilter is the name of the malware launched by the hackers. It is powerful enough to make the routers obsolete and to collect any kind of data that passes through them. The number of Americans affected by this cyber-attack is not yet known, but the site stated that the number is ‘significant.’
The announcement follows a court order issued on Wednesday, which granted the FBI the authority to take over a website belonging to hackers who were believed to be involved in collecting information from those routers.
The hackers behind the attack use the name ‘Sofacy Group’. According to the US Department of Justice (DOJ), the group is also referred to as ‘apt28,’ ‘sandworm,’ ‘x-agent,’ ‘pawn storm,’ ‘fancy bear’ and ‘sednit.’ In a press release on Wednesday, the DOJ said: ‘The group, which has been operating since at least in or about 2007, targets government, military, security organizations, and other targets of perceived intelligence value.’
This group is also believed to be behind the famous Russian hack during the 2016 United States presidential campaign. According to a report, the group is also accused of having embedded the same malware, codenamed ‘VPNFilter’, in more than 50 countries around the world.
The FBI further stated that the virus ‘targets routers produced by several manufacturers and network-attached storage devices by at least one manufacturer.’
The FBI recommends the following for Americans with routers that may have been infected:
- Any owner of small office and home office routers [should] reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices.
- Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled.
- Network devices should be upgraded to the latest available versions of firmware.
Information Source: justice.gov